<?php
require_once('includes/config.php');
require_once('includes/functions/func.global.php');
require_once('includes/classes/class.template_engine.php');
require_once('includes/lang/lang_'.$config['lang'].'.php');

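// Start the session
// NOTE(review): the language file required above is chosen by $config['lang'];
// confirm that value only ever comes from the trusted config file and never
// from a cookie or request parameter, since it ends up in an include path.
session_start();

// Connect to the database
db_connect($config);

// Check if the user has a remember cookie set
checkremember($config);

// Only the three views this script renders are accepted. Anything else
// (missing, unknown, or array-valued) falls back to the comments view, so the
// render code further down never runs without a template selected.
if(!isset($_GET['cmd']) || !in_array($_GET['cmd'], array('comments', 'email', 'dugg'), true))
{
	$_GET['cmd'] = 'comments';
}

// Story ids are numeric (the comment-count UPDATE in this file compares
// story_id without quotes), so normalise the id to an integer once, the same
// way the page number is normalised below. Every later use in SQL, redirects
// and generated links then sees a plain integer.
$_GET['id'] = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

// If no page is specified set to first page. Values below 1 are clamped so the
// LIMIT offset computed from the page number can never go negative.
if(!isset($_GET['page']) || !is_scalar($_GET['page']))
{
	$_GET['page'] = 1;
}
else
{
	$_GET['page'] = max(1, (int) makeInt($_GET['page']));
}

if($_GET['cmd'] == 'email')
{
	// Check that the user is logged in; the return target is built from the
	// integer id only.
	logincheck('story.php?id='.$_GET['id'].'&cmd=email');
}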

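// Handle a posted comment. Posts from visitors who are not logged in are
// ignored and fall through to the normal page render.
// NOTE(review): nothing in this handler checks an anti-CSRF token, and neither
// the story nor the parent comment is verified to exist before the insert -
// confirm whether that is covered elsewhere.
if(isset($_POST['comment']) && isset($_SESSION['duser']['id']))
{
	$errors = 0;

	// Ids are handled as integers by this file (story_id is compared unquoted
	// in the UPDATE below, parent_id is compared with 0 when the thread is
	// built), so force them to integers. addslashes() gives no protection for
	// a value that is placed in a statement without surrounding quotes.
	$comment_story_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;
	$comment_parent_id = (isset($_POST['parentid']) && is_scalar($_POST['parentid'])) ? (int) $_POST['parentid'] : 0;

	// Plain text only, capped at 500 bytes
	$_POST['comment'] = is_string($_POST['comment']) ? strip_tags($_POST['comment']) : '';
	$_POST['comment'] = substr($_POST['comment'],0,500);

	if(strlen(trim($_POST['comment'])) == 0)
	{
		$errors++;
		$comment_error = 'Please enter a comment';
	}

	if($errors == 0)
	{
		// String values are escaped with the connection-aware escaper. The
		// session values are escaped as well: they were not escaped at all
		// before, and a user name containing a quote would have broken out
		// of the statement.
		$insert_sql = "INSERT INTO `".$config['db']['pre']."comm` ( `comment_id` , `parent_id` , `story_id` , `user_id` , `user_name` , `comment_desc` , `comment_time` ) VALUES ('', '".$comment_parent_id."', '".$comment_story_id."', '".mysql_real_escape_string($_SESSION['duser']['id'])."', '".mysql_real_escape_string($_SESSION['duser']['name'])."', '".mysql_real_escape_string($_POST['comment'])."', '".time()."');";
		mysql_query($insert_sql);

		// Only bump the counter when a row was actually inserted
		if(mysql_insert_id())
		{
			mysql_query("UPDATE `".$config['db']['pre']."stories` SET `story_comments` = story_comments+1 WHERE `story_id` =".$comment_story_id." LIMIT 1 ;");
		}

		// Redirect with the integer id, never the raw request value
		header("Location: story.php?id=".$comment_story_id);
		exit;
	}
}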

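// Handle the "email this story" form: look the story up, build a fixed
// plain-text message containing its URL, and send it to the posted address.
// NOTE(review): nothing here limits how many messages one account can send,
// and the form handler checks no anti-CSRF token - confirm whether either is
// enforced elsewhere.
if(isset($_POST['email']))
{
	// The id is used in a redirect target and in SQL, so reduce it to an integer
	$share_id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;

	logincheck('story.php?id='.$share_id.'&cmd=email');

	$story_info = mysql_fetch_array(mysql_query("SELECT story_id,story_title FROM ".$config['db']['pre']."stories WHERE story_id='".$share_id."' LIMIT 1"));

	if(!isset($story_info['story_id']))
	{
		exit('Story not found');
	}

	// Refuse anything that is not a single well-formed address before it is
	// handed to the mailer; on failure go back to the form without the
	// "sent" flag.
	$recipient = is_string($_POST['email']) ? trim($_POST['email']) : '';
	if(filter_var($recipient, FILTER_VALIDATE_EMAIL) === false)
	{
		header("Location: story.php?id=".$story_info['story_id']."&cmd=email");
		exit;
	}

	if($config['mod_rewrite'] == 1)
	{
		$email_url = $config['site_url'].'stories/'.$story_info['story_id'].'/'.modrewriteurl($story_info['story_title']).'.html';
	}
	else
	{
		$email_url = $config['site_url'].'story.php?id='.$story_info['story_id'];
	}

	$message = $config['site_title']." user ".$_SESSION['duser']['name']." would like to share this story with you:\n\n".$email_url;

	require_once('includes/classes/class.phpmailer.php');

	$mail = new PHPMailer();

	// Transport is chosen by site configuration.
	// NOTE(review): no transport encryption is configured for the SMTP case
	// here; confirm what the bundled PHPMailer does by default with these
	// credentials.
	if ($config['email']['type'] == 'smtp')
	{
		$mail->IsSMTP();
		$mail->SMTPAuth = true;
		$mail->Username = $config['email']['smtp']['username'];
		$mail->Password = $config['email']['smtp']['password'];
		$mail->Host = $config['email']['smtp']['host'];
	}
	elseif ($config['email']['type'] == 'sendmail')
	{
		$mail->IsSendmail();
	}
	else
	{
		$mail->IsMail();
	}

	$mail->FromName = $config['site_title'];
	$mail->From = $config['admin_email'];
	$mail->AddAddress($recipient);

	$mail->Subject = $config['site_title'].' - '.$story_info['story_title'];
	$mail->Body = $message;

	// Only report success when the mailer says the message went out
	$sent = $mail->Send();

	// The redirect uses the id read back from the database
	header("Location: story.php?id=".$story_info['story_id']."&cmd=email".($sent ? "&sent=1" : ""));
	exit;
}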

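// Load the story being viewed. The id is reduced to an integer before it is
// placed in the statement rather than relying on addslashes().
// NOTE(review): error() is given the raw MySQL error text; confirm it logs
// that text instead of printing it to the visitor.
$view_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

$query = "SELECT story_id,story_title,story_desc,story_digs,story_cat,story_url,story_comments,user_name,user_id,story_tags,story_time FROM ".$config['db']['pre']."stories WHERE story_id='".$view_id."' LIMIT 1";
$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
$story = @mysql_fetch_array($query_result);

if(!isset($story['story_id']))
{
	exit('Story not found');
}

// 1 when the logged-in user has already dugg this story, otherwise 0.
// The session user id is escaped because it was previously concatenated
// into the statement as-is.
$user_dig = 0;
if(isset($_SESSION['duser']['id']))
{
	$user_dig = mysql_num_rows(mysql_query("SELECT 1 FROM ".$config['db']['pre']."digs WHERE user_id='".mysql_real_escape_string($_SESSION['duser']['id'])."' AND story_id='".$view_id."' LIMIT 1"));
}

// Get site categories
$cats = get_cats($config,$lang);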

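// The queries below use the id of the story row that was just loaded, as an
// integer, rather than the raw query-string value.
$list_story_id = (int) $story['story_id'];

if($_GET['cmd'] == 'comments')
{
	// Build the comment list for the story: fetch all comments, mark which
	// ones are collapsed, attach the viewer's own votes and the authors'
	// avatars, then arrange top-level comments followed by their replies.
	$coms = array();
	$coms2 = array();
	$coms_array = array();
	$sort = array();
	$cparent = array();
	$current_time = time();
	$avatars = array();
	$avatar_where = '';
	// Index for $sort; initialised here so it does not depend on the avatar
	// branch having run.
	$count = 0;

	// Score below which a comment is collapsed: the logged-in user's own
	// setting when the session carries one, otherwise -4. The original tested
	// $_SESSION['user']['id'], a key nothing else in this file uses, so the
	// per-user value was never applied.
	$hide_below = isset($_SESSION['duser']['comm']) ? $_SESSION['duser']['comm'] : -4;

	$query = "SELECT comment_id,comment_desc,user_id,user_name,comment_time,comment_digs,parent_id FROM ".$config['db']['pre']."comm WHERE story_id='".$list_story_id."' ORDER BY comment_time ASC";
	$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
	while ($info = @mysql_fetch_array($query_result))
	{
		$info['took'] = ($current_time-$info['comment_time']);
		$info['comment_desc'] = stripslashes($info['comment_desc']);
		$info['dug'] = 0;
		$info['hide'] = ($info['comment_digs'] < $hide_below) ? 1 : 0;

		// Non-negative scores are shown with an explicit plus sign
		if($info['comment_digs'] > -1)
		{
			$info['comment_digs'] = '+'.$info['comment_digs'];
		}

		$info['ago'] = time_taken($info['took']);

		// NOTE(review): user_name is placed in the URL path as stored;
		// confirm it is restricted to URL-safe characters at registration.
		if($config['mod_rewrite'] == 1)
		{
			$info['user_link'] = $config['site_url'].'users/'.$info['user_id'].'/'.$info['user_name'].'/1.html';
		}
		else
		{
			$info['user_link'] = $config['site_url'].'profile.php?id='.$info['user_id'];
		}

		$coms[$info['comment_id']] = $info;

		// Remember each author once; replaced by the avatar value below
		$avatars[$info['user_id']] = $info['user_id'];
	}

	if(isset($_SESSION['duser']['id']))
	{
		// A comment the viewer has voted on is always shown expanded
		$query = "SELECT comment_id,dig FROM ".$config['db']['pre']."cdigs WHERE story_id='".$list_story_id."' AND user_id='".mysql_real_escape_string($_SESSION['duser']['id'])."'";
		$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
		while ($info = @mysql_fetch_array($query_result))
		{
			if(isset($coms[$info['comment_id']]))
			{
				$coms[$info['comment_id']]['dug'] = $info['dig'];
				$coms[$info['comment_id']]['hide'] = 0;
			}
		}
	}

	$av_count = count($avatars);

	if($av_count > 0)
	{
		// One lookup for all authors. Ids are escaped even though they come
		// from the database, and LIMIT is separated from the last condition
		// by a space (the original appended it directly after the quote).
		$avatar_terms = array();
		foreach (array_keys($avatars) as $author_id)
		{
			$avatar_terms[] = "user_id='".mysql_real_escape_string($author_id)."'";
		}
		$avatar_where = implode(' OR ', $avatar_terms)." LIMIT ".$av_count;

		$query = "SELECT user_id,avatar FROM ".$config['db']['pre']."users WHERE ".$avatar_where;
		$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
		while ($info = @mysql_fetch_array($query_result))
		{
			$avatars[$info['user_id']] = getUserAvatar($info['user_id'],$config,false,$info['avatar']);
		}

		// An author with no row in the users table keeps the bare user id here
		foreach ($coms as $key => $info)
		{
			$coms[$key]['avatar'] = $avatars[$info['user_id']];
		}
	}

	// Group comments by parent and remember the order of top-level comments
	foreach ($coms as $key => $info)
	{
		if($info['parent_id'] == 0)
		{
			$sort[$count] = $info['comment_id'];
			$count++;
		}

		$coms_array[$info['parent_id']][$info['comment_id']] = $info;
	}

	// Flatten into $coms2: each top-level comment followed by its direct
	// replies. Replies whose parent is not a top-level comment are not copied.
	foreach ($sort as $key => $info)
	{
		$coms2[$info] = $coms_array[0][$info];
		unset($coms_array[0][$info]);

		if(isset($coms_array[$info]))
		{
			foreach ($coms_array[$info] as $key2 => $value2)
			{
				$coms2[$key2] = $value2;
				unset($coms_array[$info][$key2]);
			}
		}
	}
}
elseif($_GET['cmd'] == 'dugg')
{
	// Build one page (30 entries) of the users who dugg this story
	$dugg = array();
	$count = 1;

	$avatar_where = '';

	// Page numbers below 1 would produce a negative LIMIT offset
	$dugg_offset = (max(1, (int) $_GET['page']) - 1) * 30;

	$query = "SELECT user_id FROM ".$config['db']['pre']."digs WHERE story_id='".$list_story_id."' LIMIT ".$dugg_offset.",30";
	$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
	while ($info = @mysql_fetch_array($query_result))
	{
		$dugg[$info['user_id']]['user_id'] = $info['user_id'];
		$dugg[$info['user_id']]['count'] = $count;

		if($avatar_where != '')
		{
			$avatar_where.= " OR ";
		}
		$avatar_where.= "user_id='".mysql_real_escape_string($info['user_id'])."'";

		$count++;
	}

	if($avatar_where != '')
	{
		// Entries whose user row is missing keep only user_id and count
		$query = "SELECT user_id,avatar,username FROM ".$config['db']['pre']."users WHERE ".$avatar_where;
		$query_result = @mysql_query ($query) OR error(mysql_error(), __LINE__, __FILE__, 0, '', '');
		while ($info = @mysql_fetch_array($query_result))
		{
			$dugg[$info['user_id']]['username'] = $info['username'];
			$dugg[$info['user_id']]['avatar'] = getUserAvatar($info['user_id'],$config,false,$info['avatar']);

			if($config['mod_rewrite'] == 1)
			{
				$dugg[$info['user_id']]['user_link'] = $config['site_url'].'users/'.$info['user_id'].'/'.$info['username'].'/1.html';
			}
			else
			{
				$dugg[$info['user_id']]['user_link'] = $config['site_url'].'profile.php?id='.$info['user_id'];
			}
		}
	}
}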

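// Pick the template for the requested view and attach the view-specific data.
if($_GET['cmd'] == 'comments')
{
	$page = new HtmlTemplate ("templates/" . $config['tpl_name'] . "/story.html");
	// NOTE(review): a threaded list ($coms2) is built earlier in this file,
	// but $coms is what gets rendered - confirm which one is intended.
	$page->SetLoop ('COMMENTS', $coms);
}
elseif($_GET['cmd'] == 'email')
{
	$page = new HtmlTemplate ("templates/" . $config['tpl_name'] . "/story_email.html");

	// Show the confirmation text after a successful send
	if(isset($_GET['sent']))
	{
		$page->SetParameter ('MESSAGE', $lang['SENTEMAIL']);
	}
	else
	{
		$page->SetParameter ('MESSAGE', '');
	}
}
elseif($_GET['cmd'] == 'dugg')
{
	$page = new HtmlTemplate ("templates/" . $config['tpl_name'] . "/story_dugg.html");
	$page->SetLoop ('DUGG', $dugg);

	// The pagination base URL is built from the id of the loaded story row,
	// not from the query string: the raw request value would otherwise be
	// passed to pagenav() and presumably end up in the generated page links.
	$dugg_base_url = $config['site_url'].'story.php?id='.((int) $story['story_id']).'&cmd=dugg';
	$page->SetLoop ('PAGES', pagenav($story['story_digs'],$_GET['page'],30,$dugg_base_url,1));
}
else
{
	// Unknown view: stop here instead of continuing with no template object,
	// which would end in a fatal error on the first $page call below.
	exit('Unknown command');
}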
// Fill the template with the story, category and session data, then render.
// NOTE(review): every value below is handed to the template as it is stored;
// whether HtmlTemplate HTML-escapes parameters is not visible from this file.
// Confirm that titles, descriptions, tags, user names and story_url are
// escaped (and story_url limited to http/https) before they reach markup.
$use_rewrite = ($config['mod_rewrite'] == 1);
$site_base = $config['site_url'];
$story_cat_id = $story['story_cat'];
$plain_tags = stripslashes($story['story_tags']);
$plain_title = stripslashes($story['story_title']);

$page->SetLoop ('CATS', $cats);
$page->SetParameter ('CAT_TITLE', $cats[$story_cat_id]['cat_title']);
$page->SetParameter ('CAT_ID', $story_cat_id);

// Links come in two flavours: rewritten "pretty" URLs or plain script URLs
$page->SetParameter ('CAT_URL', $use_rewrite
	? $site_base.'view/'.$story_cat_id.'/'.modrewriteurl($cats[$story_cat_id]['cat_title']).'/1.html'
	: $site_base.'cat.php?i='.$story_cat_id);
$page->SetParameter ('PROFILE_LINK', $use_rewrite
	? $site_base.'users/'.$story['user_id'].'/'.$story['user_name'].'/1.html'
	: $site_base.'profile.php?id='.$story['user_id']);
$page->SetParameter ('EMAIL_URL', $use_rewrite
	? $site_base.'stories/'.$story['story_id'].'/'.modrewriteurl($story['story_title']).'.html'
	: $site_base.'story.php?id='.$story['story_id']);

$page->SetParameter ('STORY_TAGS', $plain_tags);
$page->SetParameter ('STORY_TAGS_LINKS', parse_tags($config,$plain_tags));
$page->SetParameter ('STORY_DIGS', $story['story_digs']);
$page->SetParameter ('STORY_ID', $story['story_id']);
$page->SetParameter ('STORY_TITLE', $plain_title);
$page->SetParameter ('STORY_DESC', stripslashes($story['story_desc']));
$page->SetParameter ('STORY_URL', $story['story_url']);
$page->SetParameter ('STORY_USER_NAME', $story['user_name']);
$page->SetParameter ('STORY_USER_ID', $story['user_id']);
$page->SetParameter ('STORY_COMMENTS', $story['story_comments']);
$page->SetParameter ('STORY_DOMAIN', getDomain($story['story_url']));
$page->SetParameter ('STORY_AGO', time_taken((time()-$story['story_time'])));

// story_diggurl is not among the columns selected when $story is loaded in
// this file, so this resolves to '' unless that query changes.
$page->SetParameter ('STORY_DIGGURL', isset($story['story_diggurl']) ? $story['story_diggurl'] : '');

$page->SetParameter ('USER_DUGG',$user_dig);
$page->SetParameter ('OVERALL_HEADER', create_header($config,$lang,$cats,$plain_title));
$page->SetParameter ('OVERALL_FOOTER', create_footer($config,$lang));

// USERNAME is only provided to the template for logged-in visitors
$viewer_logged_in = isset($_SESSION['duser']['id']);
if($viewer_logged_in)
{
	$page->SetParameter ('USERNAME',$_SESSION['duser']['name']);
}
$page->SetParameter ('LOGGEDIN', $viewer_logged_in ? 1 : 0);

$page->SetParameter ('SITE_TITLE',$config['site_title']);
$page->CreatePageEcho($lang,$config);
?>